Square Open-Sources Subzero Bitcoin Cold Storage Solution

Square invested both time and money into a bitcoin cold storage solution to support trading through its Cash app. Realising that this work could help others in the community, Square today released the entire GitHub repository as open-source.

Hardware Security Modules

Whilst Cash users can buy, sell and withdraw bitcoin through the app, the bitcoin 00 actually remains with Square in a combination of hot and cold wallets. To protect both itself and customers’ funds, Square needed a robust cold storage solution. Transferring funds out of cold storage requires physical access to the private keys, and there are a variety of methods to secure these offline.

Square, whose CEO Jack Dorsey, believes Bitcoin should be the native currency of the internet, chose to use Hardware Security Modules (HSMs), which are common in the traditional payments industry. They guarantee strong access control, tamper protection, and often allow replication of keys without plaintext exposure. In addition, Square already used HSMs for non-crypto payments, so they’re familiar with the software and hardware.

Cold ‘Subzero’ Storage

The solution, Subzero, is an enterprise offline Bitcoin wallet, allowing implementation of customization and business-related rules.

One key customization implemented is layering, whereby a cold wallet can only release funds to a Square-owned hot wallet. This layering can be replicated, so that larger balances are stored behind more layers. This gives ‘defense in depth’, meaning an attacker must penetrate several systems to extract funds.

Subzero uses a geographically distributed, multi-party signing ceremony, using a combination of smart cards and passwords. Moving funds requires a certain proportion of signees to participate. This makes the process harder to compromise, while additionally providing some redundancy.

Minimal data passes between online and offline servers, via QR codes, and the cold wallet remains permanently offline. Offline servers boot from DVD, and run a custom app to communicate with the HSM. HSMs run Subzero Core code and private keys are never exposed outside of the HSM + Subzero boundary.

The full repository of code and documentation is available through GitHub.

Since enabling cryptocurrency functionality in January, Square Cash has bucked the trend of falling prices and volumes across the industry. According to trading giant Nomura, the app experienced three times the growth of PayPal’s fiat-based Venmo app.

The company has also just released a new PoS terminal for merchants sparking excitement about possible Bitcoin integration in the near future.

What do you think of Square’s announcement amid all the new custodial services emerging? Share your thoughts below!

This post was originally published on this site Coinbase’s app download ranking has fallen to its lowest level since April 2017 following a decline in the crypto market San-Francisco-based cryptocurrency exchange Coinbase’s download rate has [...]

This post was originally published on this site Agents of the Indian government have met to formally discuss a possible ban on private cryptocurrency holdings in the nation. On October 30, 2018, the Financial Stability [...]

This post was originally published on this site Latest Ethereum News According to Vin Armani, the founder of CoinText, CoinGeek and Craig Wright have a sinister plan for Bitcoin Cash ABC and other proof of [...]

This post was originally published on this site Though altcoins are finding reprieve following rapid depreciation mid this week, the fact that most are trading at new 2018 lows as IOTA, Litecoin while some as [...]

This post was originally published on this siteA scammer demanded $600 in Bitcoin for the safe return of a North Carolina woman’s dog, hours after the dog had already been found. Bitcoins and Basset Hounds [...]